Support
 
Support Get Quote
 
 
 
 

Antivirus Log Analysis

Antivirus log analysis using EventLog Analyzer

Almost every organization uses antivirus software to boost their endpoint security.Using a tool that can consolidate and correlate information from antivirus tools with all other network information, security administrators can get more contextual information and actionable insights that can help tackle attacks and threats.

Detecting threats by analyzing antivirus logs

EventLog Analyzer's custom log parser can analyze log data from various antivirus software vendors, such as McAfee, ESET, Symantec, Microsoft, and Kaspersky. It can also correlate antivirus logs with logs from other sources—such as firewalls, servers, databases, and workstations—to preempt security attacks.

In addition to the important log fields that are automatically parsed and extracted by the custom log parser, EventLog Analyzer also provides users the option to extract their own fields, which they can use to set up criteria for alert profiles or create custom correlation rules.

  • Correlation of antivirus log data: EventLog Analyzer can correlate log data from antivirus solutions with the rest of the network's log data—such as logs from servers, databases, firewalls, and routers—to spot attacks at an early stage. The solution comes with predefined correlation rules and also empowers users with the ability to create custom rules.
  • Real-time alerts for threats: EventLog Analyzer can notify administrators in real-time over email and SMS upon detecting threats or critical security incidents after analyzing the antivirus log data.
  • Security audit reports for antivirus logs: EventLog Analyzer also provides users the capability to build reports that show who performed what activities where and when. Users can schedule report generation for a specified time, redistribute reports over email, or export reports in PDF and HTML formats.

Antivirus softwares supported by EventLog Analyzer

  • Microsoft Antimalware
  • Norton Antivirus
  • Sophos Antivirus
Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
     
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
     
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
     
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts login, or when groups are changed, etc. That has been very helpful. Also the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
     
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
     
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

EventLog Analyzer Trusted By

A Single Pane of Glass for Comprehensive Log Management